A Closer Look at Windows 8 Security

Windows 8 also includes improvements to Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP). ASLR ensures that the address space of a process is randomized, thereby making it more difficult to predict the location of code within memory, while DEP prevents data from being executed. The improvements to ASLR and DEP are combined with the new Windows 8 application sandboxing capability that effectively limits the access of a compromised application. This feature means the bad guys will be fighting an uphill battle to deliver effective exploits for Windows 8.

It is also worth noting that there are other new mitigations in the kernel that go well beyond just improvements to ASLR and DEP. New integrity checks in the kernel and improvements with randomization using a similar approach are also new mitigations in Windows 8.

One of the issues of ASLR and DEP, of course, is that you have to rely on the programmer writing an application to actually turn them on. In Windows 8, the capability to literally mark data in memory as “non-executable” is a great step forward. However, it limits the ability to run Windows 8 only on a CPU that can handle this requirement via this “NX” capability to mark data in memory as non-executable.

Another interesting new security feature built into Windows 8 is support for “Supervisor Mode Execution Protection” (SMEP). It is supported on today’s Intel Ivy Bridge CPUs, and because user pages are only for data, it can effectively stop an Ivy Bridge CPU using Windows 8 from running any memory pages that are marked as ‘user’ rather than ‘kernel.’ This is another security feature that will likely complicate the development of reliable and repeatable malware.

While not an all-encompassing review of the security features available in Windows 8, in this slideshow, Paul Henry, security and forensic analyst at Lumension, takes a quick look at some of the more noteworthy capabilities in this latest iteration from Microsoft.

Get a taste of what experts are thinking about in the realm of enterprise virtual reality and enterprise augmented reality. ... More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.

By submitting your information, you agree that itbusinessedge.com may send you ITBbusinessEdge offers via email, phone and text message, as well as email offers about other products and services that ITBbusinessEdge believes may be of interest to you. ITBbusinessEdge will process your information in accordance with the Quinstreet Privacy Policy.